Home Hacking XSS Vulnerability In Wix.com Puts Millions Of Websites At Risk

XSS Vulnerability In Wix.com Puts Millions Of Websites At Risk

2 min read
0
0

XSS Vulnerability In Wix.com Puts Millions Of Websites At Risk

Wix.com -The website hosting provider which also provides free drag-and-drop website building tools is affected by n XSS vulnerability which was discovered recently. This XSS vulnerability is putting millions of websites and their users at risk of attack.

Wix hosts millions of websites with 87 million registered users all of which are currently vulnerable to an XSS bug which can be utilized by attackers to create worms capable of taking over administrator accounts. In short it gives the attackers full control over websites.

How Does This XSS Vulnerability Works?

All an attacker needs to do is add a redirection command to any URL from Wix.com and redirect to malicious JavaScript hosted else where.

Attackers can also use template and demos hosted on the main Wix.com domain to gain access to admin session cookies and resources. Once a session cookie has been stolen then the attackers can place the DOM XSS in an iframe to host malicious content on any website controlled by a single operator.

Despite being responsible for the security of millions of users, Wix hasn’t fixed this bug yet.

Load More Related Articles
Load More In Hacking

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

New Cold Boot Attacks Can Evade Current Mitigations

New Cold Boot Attacks Can Evade Current Mitigations Many people tend to put laptops to ‘Sl…